Chef data bags
- Is to encrypt sensitive information.
- Refer Here
- Creating databag manually refer here
- In the chef-repo folder
mkdir data_bags
cd data_bags
mkdir admins # admins is data bag name
knife data bag create admins # This command creates the data bag on the server
- Create a file called as mysql.json in admins folder with following content
{
"id": "mysql",
"username": "root",
"password": "rootroot"
}
- Data bag is used to encrypt the content and while reading from recipe it will decrypt
- Upload the file with secret text or secret file, so that the data is encrypted on the server
knife data bag from file admins .\mysql.json --secret <yoursecret>
- Now look at data bag item in Chef management Console
- To encrypt the local file in your cook book use the following comamnd
knife data bag from file admins .\mysql.json --secret <yoursecret> --localmode
- When the user wants to access the data from data bag inside recipe or templates use the following syntax
mysqldatabag_item = data_bag_item('admins','mysql', '<secret>')
username = mysqldatabag_item['username']
password = mysqldatabag_item['password']
Chef Unattended bootstrap
Chef Server Installation
Exercise Spring Boot application (Spring-petclinic) as a Service
- Steps for installing java and downloading spring petclinic
sudo apt-get update
sudo apt-get install openjdk-8-jdk -y
sudo wget https://learningspcfromqt.s3.us-east-2.amazonaws.com/spring-petclinic.jar
- Write a script to run this application. (This script will run continuously as long as application is running)
sudo vi my-webapp.sh
#!/bin/bash
java -jar spring-petclinic.jar
- To avoid this long running script, make spring-petclinic a linux daemon(service).
- sudo vi /etc/systemd/system/springpetclinic.service
[Unit]
Description=My Webapp
[Service]
User=ubuntu
#change this to your workspace
WorkingDirectory=/home/ubuntu
#path to executable.
#executable is a bash script which calls jar file
ExecStart=/bin/bash /home/ubuntu/my-webapp.sh
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
- To reload the deamon
“`sudo systemctl daemon-reload“
- enable the service for every boot
“`sudo systemctl enable springpetclinic.service“
- start the service
sudo systemctl start springpetclinic
- check the application is running or not
sudo systemctl status springpetclinic
- For centos the create a file /etc/systemd/system/springpetclinic.service
[Unit]
Description=My Webapp
[Service]
User=centos
#The configuration file application.properties should be here:
#change this to your workspace
WorkingDirectory=/home/centos
#path to executable
#executable is a bash script which calls jar file
ExecStart=/bin/bash /home/centos/my-webapp.sh
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
Like this:
Like Loading...
